Why Legal Hold Technology Is More Than “Just Sending a Few Emails”

When it comes to a pending litigation, the duty to preserve electronic data is clearly laid out in the Federal Rules of Civil Procedure (FRCP). Check out this recent IPRO blog for an overview.

But when it comes to the actual process of letting custodians know they need to preserve data regarding an upcoming litigation, things are a little more open-ended.

I once heard someone new to the legal tech industry say, “Legal Hold is no big deal; it’s just sending a bunch of emails,” which, while seemingly true on the surface, is the kind of gross oversimplification that can lead to problems.

As stated in ZyLAB’s Ultimate Guide to Legal Hold:

“In theory, the Legal Hold process is exceedingly simple: a Legal Hold order is sent by the organization’s legal department to “custodians” (employees or others who are in possession of data relevant to the case in question), after which the custodian makes sure that this data is preserved. By doing this, no relevant data is lost to deletion or destruction, and no evidence is lost…. Although the theory is straightforward, reality is often anything but.”

With this month’s eDiscovery Blues comic, we tried to have a little fun with the idea of legal hold. The custodian in the cartoon has received a notice to “lock down his data,” and goes a little overboard. It also hints at how things have changed from the first days of digital legal holds.

History of electronic legal hold requirements

The landmark case of Zubulake v. UBS Warburg, heard between 2003 and 2005, and ruled upon prior to the 2006 eDiscovery Amendments to the FRCP, often marks the official beginning of legal holds for electronically stored information (ESI). But at that time, a custodian’s data was usually relegated to their work computer.

Remember the days of only being able to log into your work email at work and your home email at home? So, they were simply told not to delete anything and maybe given a new machine. It’s probably why even now in action movies you’ll see FBI agents burst into an office and start confiscating computers.

But these days, things are much different. Data exists on multiple platforms in the cloud, and the work from home (WFH) revolution which happened in 2020 in response to the global pandemic has only exacerbated this. Gone are the days of a “work computer” and “work email.” Now, potential custodians are accessing data on a variety of personal and company-owned computers and mobile devices, sometimes simultaneously (who hasn’t checked their email on their phone while streaming a zoom call on their laptop or vice versa).

So now even if you “locked down” one device, the data and metadata still exist in the cloud, where it is vulnerable to spoliation.

The need for a formal legal hold process

This is why organizations need a solid legal hold process and legal hold technology. Not only does it automate the sending of the legal hold notices, which reduces burden on the legal team, it more importantly includes built-in audits and reports, which make the process defensible, and that is the key to everything.

Under the FRCP, if you can show “reasonable” effort in data preservation, you insulate yourself from sanctions. Audit reports show the reasonable effort to preserve data at every step, from sending the notices, to custodian confirmation, to the actual preservation of data and metadata.

Another area where the pairing of a clear legal process and legal hold technology is important is when it comes to an organization’s data retention policies. The IT department usually has some standard policy for deleting old emails and other unused data on a regular basis, as well as deleting company email accounts and wiping company computers after an employee has resigned, retired, or been terminated.

There are numerous examples where a legal hold was placed before a custodian’s departure from their company, but no one bothered to notify IT to suspend retention policies, and the custodian’s data was deleted on schedule, leading to spoliation.

Best practices for legal hold

Needless to say, a legal hold process is more than just sending a bunch of emails.

  • It should enable clear and trackable communication between legal departments, custodians, and IT.
  • It should include audit and reporting capabilities to ensure defensibility.
  • And it should provide a dynamic, big-picture view of all custodian data across various lawsuits and investigations.

In today’s global organizations with hundreds, thousands, even tens of thousands of employees creating data which can be potentially used in litigation, manually sending and confirming legal hold notices and tracking them in spreadsheets won’t cut it. And in this age of WFH and multiplatform SaaS collaboration tools, locking down a single machine doesn’t provide defensible data preservation. This is why a clearly understood legal hold process accompanied by defensible legal hold technology is a must, even if the FRCP doesn’t require it.

To learn more about legal hold technology from IPRO, visit our LEGAL HOLD page.